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1 DETAILED ACTION 

2 

3 This action is in response to the communication filed on 12/22/08. 

4 All objections and rejections not set forth below have been withdrawn. 

5 Claims 1 - 14 are cancelled, claims 15-28 are pending. 
6 

7 Specification 

8 

9 The specification is objected to as failing to provide proper antecedent basis for 

1 0 the claimed subject matter. See 37 CFR 1 .75(d)(1 ) and MPEP § 608.01 (o). Correction 

1 1 of the following is required: 

1 2 The specification fails to provide proper antecedent basis for the recitations of 

13 "first software", "second software", third software", "fourth software", "fifth software", "fifth 

14 software that stops an operation executed by said input/output data when said fourth 

15 software determines", "said fourth software determines whether...", "...to user attributes 

16 acquired by said third software" [claim 15, and similarly claim 20], "sixth software", 

17 "seventh software", "wherein said sixth software determines authorization of the user to 

18 use said computer before execution of said third and fourth software", "when the sixth 

19 software determines "...at least one of the third and fourth software" [claim 16], 

20 "sixth software that references", "and compares input/output data acquired by said first 

21 software", "wherein said fifth software stops...", "...also when it is determined by said 

22 sixth software" [claim 17], "wherein said fifth software executes ... when said first 
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1 software acquires..." [claim 18], and "wherein said fifth software stops ... when said first 

2 software acquires..." [claim 19]. 
3 



4 Claim Rejections - 35 USC §112 

5 

6 The following is a quotation of the first paragraph of 35 U.S.C. 112: 

7 The specification shall contain a written description of the invention, and of the manner and process of 

8 making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 

9 art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
1 0 set forth the best mode contemplated by the inventor of carrying out his invention. 

11 

12 Claims 15-20 are rejected under 35 U.S.C. 112, first paragraph, as failing to 



13 comply with the written description requirement. The claim(s) contains subject 

14 matter which was not described in the specification in such a way as to reasonably 

15 convey to one skilled in the relevant art that the inventor(s), at the time the application 

16 was filed, had possession of the claimed invention. Applicant has not pointed out where 

17 the new (or amended) claim is supported, nor does there appear to be a written 

18 description of the claim limitations in the application as filed (see above objection to the 

19 specification). 

20 
21 

22 The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

23 The specification shall conclude with one or more claims particularly pointing out and distinctly 

24 claiming the subject matter which the applicant regards as his invention. 
25 

26 Claims 15-20 are rejected under 35 U.S.C. 112, second paragraph, as 

27 being indefinite for failing to particularly point out and distinctly claim the subject 

28 matter which applicant regards as the invention. 



Application/Control Number: 10/579,668 
Art Unit: 2437 



Page 4 



1 

2 Regarding claims 1 5 - 20, the recitations of a "first software", "second software", 

3 "third software" etc. lack any standard meaning to one of ordinary skill in the art. Where 

4 applicant acts as his or her own lexicographer the written description must clearly define 

5 the claim term so as to put one reasonably skilled in the art on notice of the applicant's 

6 intended definition. As the specification does not clearly redefine these terms, these 

7 terms indefinite and the scope of these claims are rendered indeterminate. 
8 

9 Regarding claim 15, the recitation of "...software that references, in said 

1 0 determining of whether said input/output data is invalid data, said determination rules 

1 1 that correspond to attribute information acquired in the acquisition of attribute 

1 2 information determines whether said input/output data is invalid" in nonsensical (see last 

13 4 lines). Specifically, the claim is grammatically improper. Thus, it is unclear as to what 

14 the clause "determines whether said input/output data is invalid" is modifying. For the 

15 purpose of examination, the examiner presumes the applicant to recite "...software that 

1 6 references, in said determining of whether said input/output data is invalid data, said 

1 7 determination rules that correspond to attribute information acquired in the acquisition of 

1 8 attribute information ". 
19 

20 Regarding claim 1 6, the recitation "...wherein said software that determines 

21 authorization performs this before it is determined whether said input/output data is 

22 invalid data, and when it is determined in the determining authorization that there is no 
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1 authorization to use said computer, said program causes said computer to not execute 

2 at least one of the following: acquiring attribute information and said determination of 

3 whether said input/output data is invalid data" is unclear. Specifically, "said software 

4 that determines authorization" lacks antecedent basis within the claim. Furthermore, 

5 it is unclear as to what "this" is referring to within the claim. Finally, the claim appears 

6 either to be incomplete or inconsistent as the recitation of "acquiring attribute 

7 information" appears to be a necessary and prior element for the software to 

8 "determine authorization". Therefore, it is unclear as to how the software is able to not 

9 execute "acquiring attribute information" when such has apparently already been 

10 executed. For purpose of examination, the examiner presumes the applicant to recite, 

1 1 "wherein software determines authorization before it is determined whether said 

1 2 input/output data is invalid data, and when it is determined in the determining 

1 3 authorization that there is no authorization to use said computer, said program causes 

1 4 said computer to not execute said determination of whether said input/output data is 

15 invalid data". 
16 

17 Regarding claim 17, the antecedent basis for the recitation "said operation" is 

18 ambiguous. Specifically, claims 15 and 17 recite "an invalid operation", "an operation 

19 executed by said input/output data" [claim 15], "operation", and "an operation executed 

20 by said input/output data" [claim 1 7]. For purpose of examination, the examiner 

21 presumes the applicant to recite "operation". 
22 
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1 All other claims depending upon the above rejected claims are rejected by virtue 

2 of dependency. 
3 

4 Claim Rejections - 35 USC § 102 

5 

6 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 

7 form the basis for the rejections under this section made in this Office action: 

8 (e) the invention was described in (1) an application for patent, published under section 122(b), by 

9 another filed in the United States before the invention by the applicant for patent or (2) a patent 

1 0 granted on an application for patent by another filed in the United States before the invention by the 

1 1 applicant for patent, except that an international application filed under the treaty defined in section 

1 2 351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 

1 3 only if the international application designated the United States and was published under Article 21 (2) 

14 of such treaty in the English language. 
15 

16 

17 Claims 15-26 and 28 are rejected under 35 U.S.C. 102(e) as being 

18 anticipated by Rothermel et al. (Rothermel), U.S. Patent 6,678,827 B1. 

19 
20 

21 Regarding claim 15, as best understood, Rothermel discloses: 

22 first software that acquires input/output data that is input or output over a network 

23 that is connected to said computer, or over an externally connected bus that connects 

24 said computer with an external device (Rothermel, 7:50-53; 2:1 5-23); 

25 second software that identifies ID information from said input/output data for 

26 identifying a user (Rothermel, 7:50-53; 2:15-23; 10:37-46; fig. 5c). Herein, Rothermal 

27 discloses that software ["second software"] identifies ID information (e.g. sender 

28 information, recipient information) from the input/output data; 
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1 third software that acquires at least part of user attribute data corresponding to 

2 said ID information from a user-information-storage unit that stores attribute information 

3 for all users having authorization to use said computer (Rothermel, 7:50-53; 2:1 5-23; 

4 4:49-56; fig. 5c - herein, the system acquires corresponding defined aliases or user 

5 data such as their network address, group information ["user attribute data"] in order to 

6 implement a enforce a policy); 



7 fourth software that determines whether said input/output data is invalid by 

8 reference to a determination-rule-storage unit that stores rules for determining whether 

9 said input/output data is invalid data (Rothermel, 1 :56-2:5; 7:50-53; 2:1 5-23; 1 1 :46-58; 

10 4:49-56; fig. 5c - herein, the system references a policy comprising rules within a 

1 1 "determination-rule-storage" unit for determining valid/invalid data; 

1 2 and fifth software that stops an operation executed by said input/output data 

1 3 when said fourth software determines that said input/output data is invalid data 

14 (Rothermel, 15:48-16:6 - herein, Rothermel discloses that invalid data may be blocked 

15 or manipulated thus preventing execution of unsafe data); 

1 6 wherein said determination-rule-storage unit stores determination rules that 



1 7 correspond to user attributes (Rothermal, 1 0:36-65; fig. 5c); and said fourth software 

1 8 determines whether said input/output data is invalid data in accordance with said 

1 9 determination rules that correspond to user attributed acquired by said third software 

20 (Rothermel, fig. 1:131; 1 0:24-1 1:17; 7:49-53). 
21 

22 Regarding claim 16, Rothermel discloses: 
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1 sixth software that references said user-information-storage unit and determines 

2 whether the user corresponding to said ID information has authorization to use said 

3 computer; and seventh software that stops operation by said input/output data when it is 

4 determined in the determination of authorization that there is no authorization to use 

5 said computer (Rothermel, 7:39-53; 5:14-17; 10:24-46; fig. 5c); 

6 wherein said sixth software determines authorization of the user to use said 

7 computer before execution of said third and fourth software, and when the sixth 

8 software determines that there is no authorization to use said computer, said program 

9 causes said computer to not execute at least one of the third and fourth software 
10 (Rothermel, 15:30-45). 

11 



12 Regarding claim 17, Rothermel discloses: 

1 3 sixth software that references a profile-storage unit that stores log data related to 

14 said input/output data as profiles for each user (Rothermel, 14:13-22 - herein, 

15 Rothermel discloses that the security software comprises logging means with the ability 

16 to reference log data (i.e. fig. 1 :165), 

1 7 and compares input/output data acquired by said first software with a normal 

1 8 operation trend of said user to determine whether operation is unusual; and wherein 

1 9 said fifth software stops an operation executed by said input/output data also when it is 

20 determined in said determining by said sixth software that said operation is unusual 

21 (Rothermel, 1:56-2:5; 7:50-53; 2:15-23; 11:46-58; 4:49-56; 15:48-16:6- herein, the 
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1 security software compares "input/output" data to the user and/or device's allowable 

2 normal operation (i.e. "normal operation trend") as defined by the system rules). 
3 

4 Regarding claim 18, Rothermel discloses: 

5 wherein said software executes a process of interrupting a session when said 

6 first software acquires said input/output data from a network (Rothermel, 17:1 0-1 7 — 

7 Rothermel discloses interrupting a communication session). 
8 

9 Regarding claim 20, it is rejected, at least, for the same reasons as claims 15 - 

10 18, and furthermore because Rothermel discloses: 

1 1 fifth software that notifies a terminal being operated by said user or administrator 



1 2 that an operation being executed by said input/output data is an invalid operation when 

1 3 said fourth software determines whether said input/output data is invalid that said 

1 4 input/output data is invalid data (Rothermel , 1 6:49-62). 
15 

16 Regarding claims 21 - 26 and 28, they comprise essentially similar recitations as 

17 claims 15-20, and they are rejected, at least, for the same reasons. 
18 

19 
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1 Claim Rejections - 35 USC § 103 

2 

3 The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 

4 obviousness rejections set forth in this Office action: 

5 (a) A patent may not be obtained though the invention is not identically disclosed or described as set 

6 forth in section 102 of this title, if the differences between the subject matter sought to be patented and 

7 the prior art are such that the subject matter as a whole would have been obvious at the time the 

8 invention was made to a person having ordinary skill in the art to which said subject matter pertains. 

9 Patentability shall not be negatived by the manner in which the invention was made. 
10 

1 1 Claims 19 and 27 are rejected under 35 U.S.C. 103(a) as being unpatentable 

12 over Rothermel. 

13 

14 Regarding claims 19 and 27, Rothermel discloses stop the execution of data 



15 transmission (Rothermel, 2:9-23), and that the security software comprises drivers for 

16 executing data transmission (Rothermel, 6:15-19; 5:14-17). However, Rothermel does 

1 7 not appear to explicitly recite stopping the execution of a data transmission driver when 

18 it is decided to stop the execution of data transmission. However, the examiner notes 

1 9 that it would have been obvious to one of ordinary skill in the art, in light of logical 

20 reason and common sense, to stop the means for executing data transmission (i.e. 

21 transmission driver) when it is necessary to stop data transmission. 

22 Furthermore, it is noted that Rothermel enables: 

23 when said input/output data is acquired from an externally connected bus in said 

24 acquisition of input/output data (Rothermel, 6:15-19; 5:14-17 - Rothermel discloses 

25 blocking the execution of input/output information acquired from a external signal line 

26 ("bus")). 
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1 

2 Response to Arguments 

3 

4 Applicant's arguments filed 12/22/08 have been fully considered but they are not 

5 persuasive. 
6 

7 Applicant argues or asserts essentially that: 

8 

9 (i) There is no disclosure in Rothermel that either the software or the stored policy 

1 0 information associates user attributes with user identities. (Remarks, pg. 23) 
11 

12 In response, the examiner respectfully notes that the claims do not recite 

13 associating user attributes with user identities. In response to applicant's argument that 

14 the references fail to show certain features of applicant's invention, it is noted that the 

1 5 features upon which applicant relies (i.e., the software or the stored policy information 

1 6 associates user attributes with user identities) are not recited in the rejected claim(s). 

17 Although the claims are interpreted in light of the specification, limitations from the 

18 specification are not read into the claims. See In re Van Geuns, 988 F.2d 1 181 , 26 

19 USPQ2d 1057 (Fed. Cir. 1993). 
20 

21 (ii) Again, there is no disclosure here of ... using the user attributes with the stored 

22 rules to make data validity determinations. (Remarks, pg. 23) 
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1 

2 In response, the examiner respectfully notes that the prior art clearly discloses 

3 utilizing defined aliases stored within policies to make validity determinations. The 

4 defined aliases comprise user attribute data such as the a user's IP address 

5 (Rothermal, fig. 5c; 10:24-63). 
6 

7 (iii) Thus, Rothermel does not disclose that the user's ID is used to acquire an IP 

8 address from the table of Figure 5C and that acquired IP address is used with a 

9 corresponding rule to determine if a packet is valid. (Remarks, pg. 24) 
10 

1 1 In response to applicant's argument that the references fail to show certain 

12 features of applicant's invention, it is noted that the features upon which applicant relies 

13 (i.e., the user's ID is used to acquire an IP address from the table of Figure 5C and that 

1 4 acquired IP address is used with a corresponding rule to determine if a packet is valid) 

15 are not recited in the rejected claim(s). Although the claims are interpreted in light of 

16 the specification, limitations from the specification are not read into the claims. See In 

17 re Van Geuns, 988 F.2d 1 181 , 26 USPQ2d 1057 (Fed. Cir. 1993). 
18 

1 9 (iv) Moreover, while the Examiner may argue that an IP address is an attribute of a 

20 network device, an IP address is not an attribute of the user. (Remarks, pg. 24) 
21 
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1 In response, the examiner respectfully notes that a user's address is a clearly a 

2 property of a user (i.e. "attribute" of a user). It is respectfully noted that the applicant's 

3 argument (an IP address is not an attribute of the user) is merely an assertion and is not 

4 supported by evidence or rational. 
5 



6 Conclusion 

7 

8 The prior art made of record and not relied upon is considered pertinent to 

9 applicant's disclosure: 
10 

1 1 See Notice of References Cited. 

12 

13 Applicant's amendment necessitated the new ground(s) of rejection presented in 

14 this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 

1 5 § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 

16 CFR 1.136(a). 

17 A shortened statutory period for reply to this final action is set to expire THREE 

1 8 MONTHS from the mailing date of this action. In the event a first reply is filed within 

19 TWO MONTHS of the mailing date of this final action and the advisory action is not 

20 mailed until after the end of the THREE-MONTH shortened statutory period, then the 

21 shortened statutory period will expire on the date the advisory action is mailed, and any 

22 extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
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1 the advisory action. In no event, however, will the statutory period for reply expire later 

2 than SIX MONTHS from the date of this final action. 

3 Any inquiry concerning this communication or earlier communications from the 

4 examiner should be directed to Jeffery Williams whose telephone number is (571 ) 272- 

5 7965. The examiner can normally be reached on 8:30-5:00. 

6 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

7 supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 

8 number for the organization where this application or proceeding is assigned is (703) 

9 872-9306. 

10 Information regarding the status of an application may be obtained from the 

1 1 Patent Application Information Retrieval (PAIR) system. Status information for 

12 published applications may be obtained from either Private PAIR or Public PAIR. 

13 Status information for unpublished applications is available through Private PAIR only. 

14 For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 

15 you have questions on access to the Private PAIR system, contact the Electronic 

1 6 Business Center (EBC) at 866-21 7-91 97 (toll-free). 
17 

18 

19 J.Williams 

20 AU 2437 
21 

22 /Emmanuel L. Moise/ 

23 Supervisory Patent Examiner, Art Unit 2437 
24 



